const { expressjwt } = require("express-jwt");
const { JWTSECRET } = require("../config/index.js");
const handleAuth = expressjwt({
    secret: JWTSECRET,
    algorithms: ['HS256'],
    getToken: function fromHeaderOrQuerystring(req) {
        if (
            req.headers.authorization &&
            req.headers.authorization.split(" ")[0] === "Bearer"
        ) {
            return req.headers.authorization.split(" ")[1];
        } else if (req.query && req.query.token) {
            return req.query.token;
        }
        return null;
    },
    onExpired: async (req, err) => {
        if (new Date() - err.inner.expiredAt < 3000) { return; }
        throw err;
    },
}).unless({
    // 不需要验证 token 的路径标识符
    path: ['/user/login', '/user/checkEmailExists', '/user/checkEmailCode', '/user/resetPassword', '/user/sendEmailCode', '/user/register', '/common/uploadimg', "/common/publicKey", "/info/beacon", "/info/pixel"]
})
module.exports = handleAuth